Cyber Incident Victim: The Podiatric Offices of Bobby Yee

On October 29, 2018, The Podiatric Offices of Bobby Yee experienced a ransomware attack that resulted in unauthorized alteration and potential corruption of medical files containing patient information. The incident compromised systems storing sensitive personal and medical records, though the organization stated no evidence indicated data exfiltration or unauthorized viewing of information. Affected data included first and last names, addresses, telephone numbers, ages, genders, dates of birth, Social Security numbers, health insurance policy numbers, and full medical records. The attack disrupted normal operations by compromising the integrity of patient files, creating uncertainty about whether records were altered, corrupted, or rendered inaccessible. Approximately 24,000 patients were notified of potential exposure through a December 20 press release, which characterized the event as both confirmed alteration and potential corruption without fully clarifying the technical outcome.

The practice initiated protective measures upon discovery, though specific containment steps were not detailed beyond assessing the incident's nature and scope. Patients were advised that reconstruction or reconfirmation of their medical information might be necessary if files were compromised. A dedicated toll-free number (877-845-8111) and Monterey mailing address were established for inquiries, operating during weekday business hours. The notification acknowledged possible inconvenience to patients but did not disclose whether backups existed to restore corrupted data or whether ransom demands were received. No law enforcement involvement or third-party forensic analysis was referenced in the available communication. The practice concluded its public statement by expressing regret for concerns caused while maintaining there was no evidence of actual data misuse beyond system alteration.